Frigate NVR with Coral TPU

Privacy-First Home Surveillance: Raspberry Pi 5, Docker, and AI Object Detection

Inspiration for this project came from attending a forum hosted by EFF about privacy. I'm starting to explore this space more and more and felt like one good way to cement my new knowledge was to put my project skills where my passions are.

I came across an article about a program called Frigate that would allow me to use an RTSP (Real-Time Streaming Protocol) connection to connect/collect video streams all in one place. I could then record, take snapshots, and actively view these streams from Frigate with some sort of connection to the hardware from the internet. The game was afoot!

The Problem

Over the past few years I have accumulated some cheap but powerful home monitoring cameras. When I got them I didn't necessarily want the AI-enabled features that came along with them, but instead just a simple way to check on things when I'm away, to make sure doors were closed, and to make sure that my dog was where he should be.

These worked GREAT until a couple of months ago when the application I would check on my phone made me watch a video to open the app. Then another ad after selecting the camera I wanted. Then another if I wanted to switch back, and all of that was AFTER I had to close out the ads for new and improved AI features. Too much.

Instead of looking for new cameras that would hopefully not do the same thing, I went with a gut feeling that these things could be hacked.

I was overwhelmed -- not only could they be hacked but there is a huge group of people that support the firmware changes and it really isn't too tricky. Some models work better than others, and connecting to wifi can be a challenge, but I was further inspired by a friend of mine who recently jumped into firmware hacking and was able to pretty easily bypass the trickiness of connecting to wifi with my own modification to the hacked firmware.

Technology Stack

Raspberry Pi 5 Docker Frigate NVR Coral TPU Nginx RTSP Streams RustDesk

I happened to have a Raspberry Pi 5 that I was using for another project. Obviously there is some expenses here that I was getting to avoid, but overall I would say that for less than a fully-kitted NVR system, a person could replicate this setup relatively easily for under 300 USD.

I decided to use a Docker installation of Frigate because I hadn't used Docker very extensively recently and I wanted to see how it would work on the RPi5 hardware. Turns out, great! I was doing this setup work from my Windows PC using RustDesk, which is another highly recommended program for RPi work. It just works.

EFF Privacy Forum inspiration

EFF Privacy Forum - the inspiration that started this privacy-focused project

Camera Configuration

I took the RTSP streams from my cameras (four in total) and combined it with the Frigate configuration to set it all up. I had a couple of cameras that were positioned upside-down and that caused me a little trouble at first. I tried to edit these settings in Frigate, but it seemed a little touchy so I edited the RTSP streams and camera settings directly so that I wouldn't have to adjust the basic configuration:

camera_x:
  ffmpeg:
    inputs:
      - path: rtsp://your_username:your_password@xx.xx.xx.xx/ch0_0.h264
        roles:
          - detect
          - record
    output_args:
      record: preset-record-generic-audio-copy

Performance Challenges and Solutions

At this point I was also only planning on using the RPi5 as-is, but I'll mention that it's worth looking into a Coral TPU if your budget allows. With four streams and settings that were dialed back a bit (height: 720 px, recording settings set to 7, fps set to 5), things got toasty very quickly. That initially translates to spotty streaming but can damage the Pi long-term if you don't have an active cooler in there.

Another way to offload the Pi is to use the TPU for the image detection bits. Lots of great articles out there but I like this one: Frigate NVR with Object Detection on Raspberry Pi 5 + Coral TPU. Setup is a little different if you use the USB Coral as I did, but the principles remain the same and the gains are incredible.

Security Implementation

Security was next. I wanted authentication and I wanted a bit of a shield to put the backend behind, so I went with nginx setup as a reverse proxy. These are neat and super lightweight -- basically, it sits between the client and the backend, playing traffic cop. This is done instead of connecting to my service hardware directly as is done in a regular "forward" proxy.

This is very easy to do, and is well-supported in online forums. There are some docker changes needed, and of course you'll have to supply the login details, but it's all done in about 7 steps. I also set up access to the RTSP feeds with authentication in case I need to simply look at the feed for any reason.

Automation and Reliability

Next up was automating all of this. I needed my Pi to be able to weather a power outage and I didn't want to have to touch this after it was set up (in theory). I configured the Pi to auto-start Rustdesk and Frigate, then Docker and Nginx. I found it best (and you'll read this too) that it's best to add some wait periods for things to spin up. I have some generous wait times in there but I don't mind the 2-4 minute total startup time if I don't have to worry about it when the power comes back on.

All of this worked great and I could see my feeds just fine but running "htop" in the terminal showed me that my cores were cookin! It was then that I decided to commit to two more modifications: adding a separate SSD so that I could store information for a longer time without wasting space on my Pi and adding a Coral TPU to offload the CPU cores.

Hardware Upgrades

I found a deal on a terabyte USB SSD, and I pondered the different hat solutions (Coral and non-Coral). I ended up going with the USB Coral device. While I don't realize that absolute fastest object detection (though 40x faster than just the CPU), I can use the USB Coral TPU on my other devices if I want to.

The SSD took a little configuration. I'm not as familiar with Linux as I once was, but it wasn't too tricky to mount the new drive and point the storage commands to it.

The Coral device was dreamy to set up. Plug it in, watch it cook. I verified that the Pi saw it, that it was functioning, and a few other tests of course but it was really plug-and-play. I had to switch my .yml files from using the CPU to using the TPU. I restarted the services and checked the logs...then I was done!

Daily Integration

Almost, lol. I really really wanted a way to interact with this on a daily basis but in a "positive" way. I settled on an Frigate API-driven daily email update to myself (from a new email address) that would tell me what yesterday's detection was up to. I included a link to the Frigate service in case I wanted to check things out further. The last piece was to set up the cron job such that I would email myself this update.

Sample Frigate detection email

Sample daily email update showing detection summary from Frigate

Results and Performance

Overall, I am delighted with how this turned out. My RPi CPU utilization is at 20% when I'm connected through RustDesk and 13% when I'm not. The email updates keep me plugged into the systems often enough that I don't feel like I'm abandoning anything, and I can always just auto-file it away if I don't care to peruse the findings.

In all, this project was great. It took a weekend to do this, working steadily along as the hardware showed up (TPU and SSD were new additions).

I will anonymize the code and add it to my GitHub when I can but reach out if you'd like to see any of the code.

View Code on GitHub (Coming Soon) →